CNNVD-202601-005 Information

CNNVD ID

CNNVD-202601-005

Related CVE

CVE-2025-15413

• CNNVD Published: 2026-01-01

Description (Chinese)

Wasm3是Wasm3开源的一个快速的WebAssembly解释器和最通用的WASM运行时。 Wasm3 0.5.0及之前版本存在缓冲区错误漏洞，该漏洞源于文件m3_exec.h中op_SetSlot_i32/op_CallIndirect函数存在内存损坏，可能导致本地攻击。

Description (English)

Wasm3 is a fast WebAssembly interpreter and the most common Wasm running time. Wasm3 0.5.0 and previous versions had an error loophole in the buffer zone, which originated from the memory damage of the SetSlot i32op CallIndirect function in document m3 exec.h, which could lead to a local attack.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

Wasm3

Published

2026-01-01

Last Modified

2026-02-24

References

https://vuldb.com/?id.339334 https://github.com/wasm3/wasm3/ https://vuldb.com/?submit.719829 https://vuldb.com/?ctiid.339334 https://github.com/wasm3/wasm3/issues/543 https://github.com/wasm3/wasm3/issues/547 https://vuldb.com/?submit.719831 https://access.redhat.com/security/cve/cve-2025-15413